All Products
Search

This Product

    Alibaba Cloud DNS:HTTP or HTTPS health checks

    Document Center

    Alibaba Cloud DNS:HTTP or HTTPS health checks

    Last Updated:Sep 30, 2024

    Overview

    HTTP or HTTPS health checks are performed to monitor multiple metrics of IP addresses over HTTP or HTTPS. These metrics include the web server network accessibility, service availability, and first packet latency. If a monitored IP address is abnormal, the system blocks this IP address. If the IP address becomes normal, the system unblocks the IP address.

    Configuration parameters

    1. Template Name: This parameter specifies the name of the health check template. We recommend that you use network protocols for health checks to name templates for easy identification.

    2. Detection Type: This parameter specifies the IP address type of health check nodes. Valid values: IPv4 and IPv6.

    3. Detection Protocol

      This parameter specifies the protocol that is used to monitor the metrics of IP addresses. These metrics include the web server network accessibility, service availability, and first packet latency. In this example, http or https is selected.

    4. Host Settings

      This parameter specifies the Host field of an HTTP or HTTPS request header during an HTTP or HTTPS health check. The specified value indicates the HTTP website that you want to visit. By default, the value is the primary domain name. You can modify the value based on your requirements.

    5. HTTP Path

      This parameter specifies the URL path for HTTP or HTTPS health checks. Default value: /.

    6. Verification Content

      This parameter specifies the alert threshold. During an HTTP or HTTPS health check, the system checks whether a web server functions as expected based on the status code that is returned from the web server. If the returned status code is greater than the specified threshold, the corresponding application service address is deemed abnormal. Valid values:

      • The error code is greater than 400.: indicates an invalid request. If an HTTP or HTTPS request contains invalid request parameters, a web server returns a status code that is greater than 400. You must specify an exact URL for the HTTP Path parameter.

      • The error code is greater than 500.: indicates a server error. If some exceptions occur on a web server, the web server returns a status code that is greater than 500. This value is used by default.

    7. Health Check Interval

      This parameter specifies the interval between HTTP or HTTPS health checks. Default value: 1 Minute. Global Traffic Manager (GTM) Ultimate Edition supports a minimum interval of 15 seconds.

    8. Timeout Period

      This parameter specifies the timeout period of a health check. During an HTTP or HTTPS health check, the system calculates the response time of each HTTP or HTTPS packet that is sent. If the response time of a packet exceeds the specified timeout period, the health check times out. Valid values: 2 Seconds, 3 Seconds, 5 Seconds, and 10 Seconds.

    9. Retries

      This parameter specifies the maximum number of consecutive health checks that an address of an application service fails before the address is deemed abnormal. During HTTP or HTTPS health checks, an application service is deemed abnormal only if consecutive health checks determine that an address of the application service is abnormal. The setting of this parameter prevents the accuracy of health checks from being affected by issues such as instantaneous network jitters. Valid values: 1, 2, and 3.

      • The value 1 indicates that an address of an application service is deemed abnormal when one health check determines that this address is abnormal. In this case, one alert is reported.

      • The value 2 indicates that an address of an application service is deemed abnormal when two consecutive health checks determine that this address is abnormal. In this case, two alerts are reported.

      • The value 3 indicates that an address of an application service is deemed abnormal when three consecutive health checks determine that this address is abnormal. In this case, three alerts are reported.

    1. Enable SNI

      Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) protocol, which allows a client to specify the host to be connected when the client sends a TLS handshake request. TLS handshakes occur before any data of HTTP requests is sent. Therefore, SNI enables servers to identify the services that clients are attempting to access before certificates are sent. This allows the servers to present correct certificates to the clients. You can turn on the switch to enable SNI.

    2. Follow 3XX Redirection

      If Follow 3XX Redirection is enabled, you are redirected to the destination address if an HTTP status code 3XX is returned, such as 301, 302, 303, 307, or 308. If Follow 3XX Redirection is disabled, you are not redirected to the destination address.

    3. Detection Node

      This parameter specifies the geographical locations of nodes that perform HTTP or HTTPS health checks. The following table lists the health check nodes that are provided by default.

      Node type

      Node name

      BGP Nodes

      Zhangjiakou, Qingdao, Hangzhou, Shanghai, Huhehaote, Shenzhen, and Beijing

      Overseas Nodes

      Hong Kong, Germany, Singapore, Silicon Valley, Malaysia, and Japan

      ISP Nodes

      DalianChina-Unicom, NanjingChina-Unicom, TianjinChina-Unicom, QingdaoChina-Telecom, ChangshaChina-Telecom, XianChina-Telecom, ZhengzhouChina-Telecom, ShenzhenChina-Mobile, DalianChina-Mobile, and NanjingChina-Mobile

      Important

      • If all addresses in an address pool are Alibaba Cloud IP addresses and the blackhole filtering policy is used for fault detection, select Internet service provider (ISP) nodes as detection nodes. Reason: Blackhole filtering is an access control list (ACL) policy that takes effect on the Internet between the Alibaba Cloud network and ISP networks. Traffic between Alibaba Cloud IP addresses flows in the cloud network. This reduces the detection accuracy.

      • Differences between Border Gateway Protocol (BGP) nodes and ISP nodes: BGP nodes select optimal ISP lines. For example, if BGP nodes in Shanghai are used, the China Telecom lines in Shanghai may be used when the China Mobile lines in Shanghai fail. If all lines fail, BGP nodes stop performing health checks. However, if ISP nodes are used, only networks provided by the corresponding ISP are used.

      • If you need to configure a whitelist policy for access sources on a server, you can click View Monitoring Node IP Addresses to obtain the IP addresses of the detection nodes.

      • If the IP address to be checked is outside the Chinese mainland, select nodes outside the Chinese mainland.

    4. Detected Node Failure Rate

      This parameter specifies the ratio of health check nodes that detect exceptions to all health check nodes during HTTP or HTTPS health checks. If the actual ratio is greater than or equal to the specified value, an address of an application service is deemed abnormal. Valid values: 20%, 50%, 80%, and 100%.

    Procedure

    Create a health check template

    1. Log on to the Alibaba Cloud DNS console.

    2. In the left-side navigation pane, click Global Traffic Manager. On the page that appears, click the Global Traffic Manager3.0 tab.

    3. Click the Health Detection Template tab. Then, click Create Detection Template. In the panel that appears, configure the parameters and click OK.

      Note

      If you want to create more health check templates, click Add and Continue.

      image

    Modify a health check template

    1. Log on to the Alibaba Cloud DNS console.

    2. In the left-side navigation pane, click Global Traffic Manager. On the page that appears, click the Global Traffic Manager3.0 tab.

    3. On the Global Traffic Manager 3.0 page, click the Health Detection Template tab, find the health check template that you want to modify, and then click Configuration in the Actions column.

    4. In the panel that appears, modify the parameters and click OK.

      Important

      The Detection Type parameter cannot be modified.

    Delete a health check template

    1. Log on to the Alibaba Cloud DNS console.

    2. In the left-side navigation pane, click Global Traffic Manager. On the page that appears, click the Global Traffic Manager3.0 tab.

    3. On the Global Traffic Manager 3.0 page, click the Health Detection Template tab, find the health check template that you want to delete, and then click Delete in the Actions column.

    4. In the Confirm Deletion message, check the IP addresses that are associated with the template and click OK.

      Warning

      Note the following impacts after a health check template is deleted: The template cannot be restored. Health check tasks that are performed on the addresses in the template are deleted as well. The health status of the associated addresses cannot be checked. Please exercise caution before you proceed with this operation.